Government Technology

Government Agencies Among Those Hacked in Massive January Botnet Attack


February 22, 2010 By

A massive cyber-attack has compromised the information of roughly 75,000 computer systems in at least 2,400 corporations and governments around the world, according to a U.S. security firm.

The Washington Post reported on Feb. 18, that NetWitness, based in Virginia, has found that the Kneber bot is responsible for an infiltration that began in 2008 but was discovered just this past month, almost two years after it was supposed to have begun. Targeted data includes e-mails, credit card transactions and log-in credentials. Kneber is being deemed a botnet, a computer program created by a Trojan designed to infiltrate computers and wreak havoc.

"Botnets themselves aren't new," said Michael Maloof, CTO of TriGeo Network Security. "Most of the spam on the Internet is driven by millions of compromised PCs, but I think what is relatively new is that the botnet herders seem to be targeting high-value corporations and certainly high-value government institutions."

Amit Yoran, CEO of NetWitness, told The Wall Street Journal that Eastern European criminals originated the attack by using computers in China. Neither the Journal nor the Post claims that it had anything to do with government powers in those countries.

"The technology itself is not a big deal, but the risk is," Maloof said. "And I think anyone who's not taking the risk seriously really needs to wake up and smell the coffee here. This falls into this category, really, [of] an advanced persistent threat. There are highly organized individuals out there who have access to sophisticated technology,"

Ten government agencies in the United States were victims in the attack, but the vast majority of those targeted were from the private-sector health and technology areas. Unfortunately neither the public- nor private-sector organizations were able to protect themselves from the breach, perhaps suggesting that the IT community as a whole needs to be more diligent in security.

Jeff Nigriny, president of CertiPath, suggested that IT security professionals need to be as competent in protecting computers systems as doctors and scientists are in protecting the biological world.

"I don't think you would ever see a report in the medical community about one system in the human body shutting down after another," he said. "We have doctors who are trained to find the route cause, whether it's cancer, radiation poisoning or a blood disorder, whatever."


| More


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
McAfee Enterprise Security Manager and Threat Intelligence Exchange
As a part of the Intel® Security product offering, McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight advanced threats. You get the situational awareness, actionable intelligence, and instantaneous speed to immediately identify, respond to, and proactively neutralize threats in just milliseconds.
Better security. Better government.
Powering security at all levels of government with simpler, more connected IT.
Cybersecurity in an "All-IP World" Are You Prepared?
In a recent survey conducted by Public CIO, over 125 respondents shared how they protect their environments from cyber threats and the challenges they see in an all-IP world. Read how your cybersecurity strategies and attitudes compare with your peers.
View All

Featured Papers